<?php

/**
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 * http://www.gnu.org/copyleft/gpl.html
 */
 


/**
 *  @file
 *  @Author Samuel Maura
 *  Update user info
 */

// session
session_start();
require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/controllers/authorize.php");
require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/controllers/debug.inc");
require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/controllers/validate.inc");
require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/lib/session/sessionUtils.inc");
require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/models/user.php");
require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/models/sqlSafe.php");


$_SESSION['validation_error'] = "";
$validatedInputs = array();
$inputs = trimInputArray($_POST);
// save original values in session
savePost();




if ($inputs['update_email'] != ''){
   // Are we only updating email ?
  if (($inputs['old_password'] == '') && ($inputs['new_password'] == '') && ($inputs['confirm_password'] == '') ){
    updateEmail(strtolower($inputs['update_email']));
    header("Location: ../views/wikiusersettings.php");
  }
  else if (($inputs['old_password'] != '') && ($inputs['new_password'] != '') && ($inputs['confirm_password'] != '')){
    updateEmail(strtolower($inputs['update_email']));
    updatePassword($inputs['old_password'],$inputs['new_password'],$inputs['confirm_password']);
  
  }
  else{
    $_SESSION['validation_error'] = "Far a password update all password fields are required ";
  }
}
else{
  $_SESSION['validation_error'] = "new email is required";
}

checkErrors('validation_error','../views/wikiusersettings.php');




function updateEmail($email){
   if ($_SESSION['email'] != $email){
     $user = new User();
     $sqlSafe = new SqlSafe(dbManager::connect());
     $email = $sqlSafe->safe($email);
     if ( $user->updateEmail($_SESSION['user_id'],$email) ){
       $_SESSION['email'] = $user->getEmail($_SESSION['user_id']);
        $_SESSION['validation_error'] = "email updated";
     }
     else{
       header("Location: ../views/wikierror.php");
       exit;
     }
   }
}


function updatePassword($old_password,$new_password,$confirm_password){
   if ($new_password == $confirm_password){
      if ($new_password == $old_password){
        $_SESSION['validation_error'] = "No changes made: old and new password cannot be identical";
        header("Location: ../views/wikiusersettings.php");
        exit;
      }
      $user = new User();
      if ($user->updatePassword($_SESSION['user_id'],$old_password,$new_password)){
        $_SESSION['validation_error'] = "Session updated successfully. Please login";
        header("Location: ../controllers/wikilogout.php");
        exit;
      }
      else{
         $_SESSION['validation_error'] = "Password invalid";
        header("Location: ../views/wikiusersettings.php");
        exit;
      }
   }
   else{
     $_SESSION['validation_error'] = "Password mismatch.";
     header("Location: ../views/wikiusersettings.php");
     exit;
   }
}



?>